Vulnerability-Lookup

CNVD-2017-21750

Vulnerability from cnvd - Published: 2017-08-18

Title

多款Dell产品安全绕过漏洞

Description

Dell是一家总部位于美国德克萨斯州朗德罗克企业。多款Dell产品存在安全绕过漏洞。攻击者可以利用漏洞绕过身份验证机制并获得未经授权的访问权限。

Severity

中

Patch Name

多款Dell产品安全绕过漏洞的补丁

Patch Description

Dell是一家总部位于美国德克萨斯州朗德罗克企业。多款Dell产品存在安全绕过漏洞。攻击者可以利用漏洞绕过身份验证机制并获得未经授权的访问权限。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

用户可参考如下供应商提供的安全公告获得补丁信息： http://blog.talosintelligence.com/2017/06/vulnerability-spotlight-dell-precision.html

Reference

http://www.securityfocus.com/bid/99360

Impacted products

Name
['DELL Precision Tower 5810', 'DELL Invincea-X 6.1.3-24058', 'DELL Invincea Dell Protected Workspace 5.1.1-22303']

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "99360"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-2802"
    }
  },
  "description": "Dell\u662f\u4e00\u5bb6\u603b\u90e8\u4f4d\u4e8e\u7f8e\u56fd\u5fb7\u514b\u8428\u65af\u5dde\u6717\u5fb7\u7f57\u514b\u4f01\u4e1a\u3002\r\n\r\n\u591a\u6b3eDell\u4ea7\u54c1\u5b58\u5728\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u6f0f\u6d1e\u7ed5\u8fc7\u8eab\u4efd\u9a8c\u8bc1\u673a\u5236\u5e76\u83b7\u5f97\u672a\u7ecf\u6388\u6743\u7684\u8bbf\u95ee\u6743\u9650\u3002",
  "discovererName": "Marcin \u00e2??Icewall\u00e2?? Noga of Cisco Talos.",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u4f9b\u5e94\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\nhttp://blog.talosintelligence.com/2017/06/vulnerability-spotlight-dell-precision.html",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-21750",
  "openTime": "2017-08-18",
  "patchDescription": "Dell\u662f\u4e00\u5bb6\u603b\u90e8\u4f4d\u4e8e\u7f8e\u56fd\u5fb7\u514b\u8428\u65af\u5dde\u6717\u5fb7\u7f57\u514b\u4f01\u4e1a\u3002\r\n\r\n\u591a\u6b3eDell\u4ea7\u54c1\u5b58\u5728\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u6f0f\u6d1e\u7ed5\u8fc7\u8eab\u4efd\u9a8c\u8bc1\u673a\u5236\u5e76\u83b7\u5f97\u672a\u7ecf\u6388\u6743\u7684\u8bbf\u95ee\u6743\u9650\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "\u591a\u6b3eDell\u4ea7\u54c1\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "DELL Precision Tower 5810",
      "DELL  Invincea-X  6.1.3-24058",
      "DELL  Invincea Dell Protected Workspace 5.1.1-22303"
    ]
  },
  "referenceLink": "http://www.securityfocus.com/bid/99360",
  "serverity": "\u4e2d",
  "submitTime": "2017-07-05",
  "title": "\u591a\u6b3eDell\u4ea7\u54c1\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e"
}

CVE-2017-2802 (GCVE-0-2017-2802)

Vulnerability from cvelistv5 – Published: 2018-04-24 19:00 – Updated: 2024-09-17 03:59

Summary

An exploitable dll hijacking vulnerability exists in the poaService.exe service component of the Dell Precision Optimizer software version 3.5.5.0. A specifically named malicious dll file located in one of directories pointed to by the PATH environment variable will lead to privilege escalation. An attacker with local access to vulnerable system can exploit this vulnerability.

Severity ?

No CVSS data available.

CWE

dll hijiacking

Assigner

talos

References

2 references

URL	Tags
https://www.talosintelligence.com/vulnerability_r…	x_refsource_MISC
http://www.securityfocus.com/bid/99360	vdb-entryx_refsource_BID

Impacted products

1 product

Vendor	Product	Version
dell	Dell	Affected: Precision Tower 5810 with nvidia graphic cards. PPO Policy Processing Engine - FileVersion : 3.5.5.0 ati.dll ( PPO Monitoring Plugin ) - FileVersion : 3.5.5.0

Date Public ?

2017-06-30 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T14:02:07.816Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0247"
          },
          {
            "name": "99360",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/99360"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Dell",
          "vendor": "dell",
          "versions": [
            {
              "status": "affected",
              "version": "Precision Tower 5810 with nvidia graphic cards. PPO Policy Processing Engine - FileVersion : 3.5.5.0 ati.dll ( PPO Monitoring Plugin ) - FileVersion : 3.5.5.0"
            }
          ]
        }
      ],
      "datePublic": "2017-06-30T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "An exploitable dll hijacking vulnerability exists in the poaService.exe service component of the Dell Precision Optimizer software version 3.5.5.0. A specifically named malicious dll file located in one of directories pointed to by the PATH environment variable will lead to privilege escalation. An attacker with local access to vulnerable system can exploit this vulnerability."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "dll hijiacking",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-04-25T09:57:01.000Z",
        "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "shortName": "talos"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0247"
        },
        {
          "name": "99360",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/99360"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "talos-cna@cisco.com",
          "DATE_PUBLIC": "2017-06-30T00:00:00",
          "ID": "CVE-2017-2802",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Dell",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Precision Tower 5810 with nvidia graphic cards. PPO Policy Processing Engine - FileVersion : 3.5.5.0 ati.dll ( PPO Monitoring Plugin ) - FileVersion : 3.5.5.0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "dell"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An exploitable dll hijacking vulnerability exists in the poaService.exe service component of the Dell Precision Optimizer software version 3.5.5.0. A specifically named malicious dll file located in one of directories pointed to by the PATH environment variable will lead to privilege escalation. An attacker with local access to vulnerable system can exploit this vulnerability."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "dll hijiacking"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0247",
              "refsource": "MISC",
              "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0247"
            },
            {
              "name": "99360",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/99360"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
    "assignerShortName": "talos",
    "cveId": "CVE-2017-2802",
    "datePublished": "2018-04-24T19:00:00.000Z",
    "dateReserved": "2016-12-01T00:00:00.000Z",
    "dateUpdated": "2024-09-17T03:59:10.409Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2017-21750

CVE-2017-2802 (GCVE-0-2017-2802)

Tags

Sightings

Nomenclature